Skip to main content

Manage object lock

Last update:
For your information

Object locking can be managed by:

If Object Lock is enabled in your bucket, you can manage object locking. The available lock actions depend on the lock type and mode.

Object locking can be managed in the control panel, through S3 API, and tools that use it—for example, AWS CLI.

Retention-period lock

Check for a retention-period lock

If you have segmented objects, you cannot check for locks on individual segments; you can only check the lock on the object itself. Segments inherit the lock settings applied to the object.

  1. In the control panel, on the top menu, click Products and select S3.
  2. Go to the Buckets section.
  3. Open the bucket page → Objects tab.
  4. Open the object page.
  5. In the Object Lock block, check the retention-period lock status.

Enable retention-period lock

If both a retention-period lock and a legal hold are enabled for an object, the legal hold takes precedence.

To have the retention-period lock applied to all new objects in a bucket by default, use the Enable retention-period lock in a bucket by default section of the Object Lock guide.

To upload an object with a lock enabled immediately, use AWS CLI; for details, see the Upload object section of the AWS CLI guide.

  1. In the control panel, on the top menu, click Products and select S3.
  2. Go to the Buckets section.
  3. Open the bucket page → Objects tab.
  4. Open the object page.
  5. In the Object Lock block, in the Retention-period lock row, click Edit.
  6. Select the Lock object checkbox.
  7. Select a lock mode.
  8. Specify the lock duration.
  9. Click Save.

Change the retention-period lock duration

If the lock mode is set to:

  • Governance — the lock duration can be shortened or extended;
  • Compliance — the lock duration can only be extended.

In the control panel, you can only extend the lock duration. To shorten the duration, use S3 API or tools that use it—for example, AWS CLI.

  1. In the control panel, on the top menu, click Products and select S3.
  2. Go to the Buckets section.
  3. Open the bucket page → Objects tab.
  4. Open the object page.
  5. In the Object Lock block, in the Retention-period lock row, click Edit.
  6. Specify the new lock duration.
  7. Click Save.

Change the retention-period lock mode

You can only change the lock mode from Governance to Compliance.

You cannot change the retention-period lock mode in the control panel. Use S3 API or tools that use it—for example, AWS CLI.

Disable retention-period lock

You can only disable a retention-period lock in Governance mode.

Only the Account owner or a user with the member role can disable the retention-period lock in the control panel.

  1. In the control panel, on the top menu, click Products and select S3.
  2. Go to the Buckets section.
  3. Open the bucket page → Objects tab.
  4. Open the object page.
  5. In the Object Lock block, in the Retention-period lock row, click Edit.
  6. Uncheck the Lock object checkbox.
  7. Click Save.

If you have segmented objects, you cannot check for locks on individual segments; you can only check the lock on the object itself. Segments inherit the lock settings applied to the object.

  1. In the control panel, on the top menu, click Products and select S3.
  2. Go to the Buckets section.
  3. Open the bucket page → Objects tab.
  4. Open the object page.
  5. In the Object Lock block, check the legal hold status.

If both a retention-period lock and a legal hold are enabled for an object, the legal hold takes precedence.

  1. In the control panel, on the top menu, click Products and select S3.
  2. Go to the Buckets section.
  3. Open the bucket page → Objects tab.
  4. Open the object page.
  5. In the Object Lock block, enable the legal hold.
  1. In the control panel, on the top menu, click Products and select S3.
  2. Go to the Buckets section.
  3. Open the bucket page → Objects tab.
  4. Open the object page.
  5. In the Object Lock block, disable the legal hold.